Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/aQ15-5dar1aqgdmTJxXJsHa1LDw.roa
File:                     aQ15-5dar1aqgdmTJxXJsHa1LDw.roa (raw, json)
Hash identifier:          1rVI43V3MOJKO7UAkMxeh1LlYc7UXyA9BgVQnSxTc5I=
Subject key identifier:   69:0D:79:FB:97:5A:AF:56:AA:81:D9:93:27:15:C9:B0:76:B5:2C:3C
Certificate issuer:       /CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Certificate serial:       0194252176EE0C72EC6B77D2F8BD4087A360
Authority key identifier: C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/aQ15-5dar1aqgdmTJxXJsHa1LDw.roa
Signing time:             Thu 02 Jan 2025 03:48:57 +0000
ROA not before:           Thu 02 Jan 2025 03:48:57 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     34187
IP address blocks:        78.26.128.0/18 maxlen: 18
                          78.26.128.0/19 maxlen: 19
                          78.26.128.0/24 maxlen: 24
                          78.26.129.0/24 maxlen: 24
                          78.26.130.0/24 maxlen: 24
                          78.26.140.0/22 maxlen: 22
                          78.26.151.0/24 maxlen: 24
                          78.26.160.0/19 maxlen: 19
                          78.26.161.0/24 maxlen: 24
                          78.26.180.0/23 maxlen: 23
                          78.26.192.0/18 maxlen: 18
                          78.26.192.0/19 maxlen: 19
                          78.26.192.0/20 maxlen: 20
                          78.26.192.0/22 maxlen: 22
                          78.26.224.0/19 maxlen: 19
                          185.70.108.0/22 maxlen: 22
                          185.70.108.0/23 maxlen: 23
                          185.70.110.0/23 maxlen: 23
                          195.245.118.0/23 maxlen: 23
                          195.245.118.0/24 maxlen: 24
                          195.245.119.0/24 maxlen: 24
                          2a03:1240::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:25:21:76:ee:0c:72:ec:6b:77:d2:f8:bd:40:87:a3:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
        Validity
            Not Before: Jan  2 03:48:57 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=690d79fb975aaf56aa81d9932715c9b076b52c3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:43:0a:8f:df:ba:0c:4f:39:bb:f1:bd:62:66:
                    e9:36:8e:25:5c:f2:06:60:bf:bc:39:d3:69:ec:77:
                    91:f1:2c:a9:ea:a2:5d:2d:6e:4f:de:64:92:53:86:
                    8e:ab:71:25:23:db:06:99:11:b2:e9:21:a6:fb:31:
                    4e:63:19:75:17:9f:fd:16:d5:ff:77:7a:c7:c6:b3:
                    43:41:32:92:73:ac:04:92:bc:90:0f:fd:44:57:28:
                    d0:98:bc:a7:d3:52:7c:6f:67:bc:b8:70:64:ad:86:
                    6d:67:74:9c:3e:7d:01:d1:2a:5c:6c:a7:a1:8f:1b:
                    c2:6c:55:24:34:de:bf:5b:b0:47:42:2a:bb:a5:0f:
                    de:2b:0c:44:62:e3:73:a7:0f:59:ef:8b:2f:82:ae:
                    b1:b2:f9:05:87:a4:6d:c1:57:39:59:49:41:56:f0:
                    17:e8:68:49:a6:3c:d8:35:21:b3:89:e7:89:98:2b:
                    00:9d:57:a8:d6:87:2f:6e:13:55:b5:59:38:3f:29:
                    fb:2d:3f:63:03:11:9a:e4:62:40:51:75:e7:4a:bb:
                    8f:82:91:5c:ce:bc:f3:5e:48:9a:67:74:cd:90:63:
                    26:ab:49:bd:04:bb:aa:50:92:d3:42:a2:d0:ae:15:
                    d1:69:85:b7:90:4b:65:eb:9d:b2:13:71:91:3c:3b:
                    d3:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:0D:79:FB:97:5A:AF:56:AA:81:D9:93:27:15:C9:B0:76:B5:2C:3C
            X509v3 Authority Key Identifier:
                keyid:C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/aQ15-5dar1aqgdmTJxXJsHa1LDw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.26.128.0/17
                  185.70.108.0/22
                  195.245.118.0/23
                IPv6:
                  2a03:1240::/48

    Signature Algorithm: sha256WithRSAEncryption
         a6:19:09:c6:c0:a8:9c:7c:a4:bf:3e:ed:d6:d4:b4:e6:5d:a8:
         4c:15:d8:f2:39:5a:aa:90:79:39:b3:e1:01:02:84:f0:0e:8e:
         d6:ed:4b:d2:3f:f1:4c:c6:d4:a6:d9:23:a9:99:71:f4:dc:f4:
         96:2d:58:65:9e:0a:c5:b2:0f:82:cf:d2:14:67:12:a2:6c:ae:
         93:a3:94:14:80:88:e3:44:d1:fd:ab:9e:9b:63:8a:d6:b6:45:
         fb:96:87:b3:58:22:a4:41:c7:e4:90:8b:6a:f0:1f:85:be:fd:
         d6:4b:84:d0:03:a3:b6:7a:ad:8e:f3:d9:c3:89:76:60:37:fc:
         b7:7e:bd:77:2a:19:1c:38:11:df:70:9c:f1:26:9e:d7:56:5d:
         d4:8b:c2:fd:22:a2:9f:dc:6d:6f:f0:ec:a8:7e:be:79:49:6c:
         ad:3a:8b:84:7e:21:53:4d:cc:e7:6f:d7:cc:bf:a3:67:92:1c:
         1e:63:dd:9b:a3:18:7f:6d:5f:3d:dc:cc:30:08:83:09:08:83:
         98:85:b7:f4:06:94:e1:50:3a:f7:f9:1b:c7:bc:e9:1b:b6:4b:
         cd:88:33:9b:6f:ab:64:6b:ea:d7:16:3b:32:99:be:d4:1c:f7:
         8e:fa:d8:0a:ba:1e:cd:9a:9e:46:13:66:65:47:bc:21:c7:63:
         c6:c5:cf:f4
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQlIXbuDHLsa3fS+L1Ah6NgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmY4ZjNlNjA5MDcyODg5ZTc0ZGQwZmI0ZTI3ZjliYWM0
N2IzYjAwHhcNMjUwMTAyMDM0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTBkNzlmYjk3NWFhZjU2YWE4MWQ5OTMyNzE1YzliMDc2YjUyYzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0MKj9+6DE85u/G9YmbpNo4lXPIG
YL+8OdNp7HeR8Syp6qJdLW5P3mSSU4aOq3ElI9sGmRGy6SGm+zFOYxl1F5/9FtX/
d3rHxrNDQTKSc6wEkryQD/1EVyjQmLyn01J8b2e8uHBkrYZtZ3ScPn0B0SpcbKeh
jxvCbFUkNN6/W7BHQiq7pQ/eKwxEYuNzpw9Z74svgq6xsvkFh6RtwVc5WUlBVvAX
6GhJpjzYNSGzieeJmCsAnVeo1ocvbhNVtVk4Pyn7LT9jAxGa5GJAUXXnSruPgpFc
zrzzXkiaZ3TNkGMmq0m9BLuqUJLTQqLQrhXRaYW3kEtl652yE3GRPDvTTwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGkNefuXWq9WqoHZkycVybB2tSw8MB8GA1UdIwQY
MBaAFMG/jz5gkHKInnTdD7Tif5usR7OwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQt
MGQwZGEwZDEwNDMyLzEvYVExNS01ZGFyMWFxZ2RtVEp4WEpzSGExTER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQtMGQwZGEwZDEwNDMy
LzEvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQHThqAAwQC
uUZsAwQBw/V2MA8EAgACMAkDBwAqAxJAAAAwDQYJKoZIhvcNAQELBQADggEBAKYZ
CcbAqJx8pL8+7dbUtOZdqEwV2PI5WqqQeTmz4QEChPAOjtbtS9I/8UzG1KbZI6mZ
cfTc9JYtWGWeCsWyD4LP0hRnEqJsrpOjlBSAiONE0f2rnptjita2RfuWh7NYIqRB
x+SQi2rwH4W+/dZLhNADo7Z6rY7z2cOJdmA3/Ld+vXcqGRw4Ed9wnPEmntdWXdSL
wv0iop/cbW/w7Kh+vnlJbK06i4R+IVNNzOdv18y/o2eSHB5j3ZujGH9tXz3czDAI
gwkIg5iFt/QGlOFQOvf5G8e86Ru2S82IM5tvq2Rr6tcWOzKZvtQc94762Aq6Hs2a
nkYTZmVHvCHHY8bFz/Q=
-----END CERTIFICATE-----